Solved

Creating domain trusts to access remote shares

Posted on 2012-04-10
6
391 Views
Last Modified: 2012-04-11
Hi Guys,

I've got 2 domains in 2 seperate companies on 2003 and 2008 and have been tasked with creating a trust between them so that the local admins can change permissions on the shares on these domains to allow users from the other domains to access them without having to input their credentials each time. There will be a static VPN between the 2 networks.
I have never set these up before so any basic guides or things to look out for when doing this ? (i.e limitations, patching needed etc)

Thanks
0
Comment
Question by:NotExperts
6 Comments
 
LVL 26

Accepted Solution

by:
Leon Fester earned 500 total points
ID: 37826677
Firstly you'll need that VPN configured.
Next test that your DNS resolves correctly and your DNS servers are accessible from the remote network.

From that it's easy to setup the trust.
See previously answered question.
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_23805633.html

Ports required on your firewall for the trust to work.
http://support.microsoft.com/kb/179442
http://technet.microsoft.com/en-us/library/cc759554(v=ws.10).aspx

All you need to know about trusts.
http://technet.microsoft.com/en-us/library/cc759554(v=ws.10).aspx
0
 
LVL 9

Expert Comment

by:araberuni
ID: 37826687
0
 

Author Comment

by:NotExperts
ID: 37826937
Thanks,

Do i need to setup a stub zone for each domain in the other domains ?
i.e i have 3 domains to setup trusts for so do i need a DNS stub zone for DomainA in DomainB and DomainC and a stub zone for DomainB in DomainA and DomainC etc ?

Ian
0
Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

 
LVL 26

Expert Comment

by:Leon Fester
ID: 37826944
You can add stub zones, I prefer using conditional forwarders;
http://support.microsoft.com/kb/323380

Even a hosts file entry would work.
0
 
LVL 3

Expert Comment

by:chris-burns
ID: 37831513
I was in the same boat with three domains.

As long as your VPN is setup OK with free, unhindered traffic across the tunnel AND your DNS is set up to resolve correctly you will be good to go. ( Again, i think i would use conditional forwarders rather than stub-zones.)

It is surprisingly easy, our difficulty was to have two exchange servers share the same domain name.
0
 

Author Closing Comment

by:NotExperts
ID: 37836128
That's worked fine. Many Thanks
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Reading registry key from HKCU and not hklm 10 64
Roaming profile & Office 365 3 35
Expand C partition 13 21
Raid 6 or Raid 10? 19 57
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now